Home Unlabelled Cisco Application Policy Infrastructure Controller Insecure Credentials Vulnerability

Cisco Application Policy Infrastructure Controller Insecure Credentials Vulnerability

By
Wednesday, December 16, 2015
Read
Add Comment
A vulnerability in the boot process of the Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, local attacker to access the APIC as the root user.

The vulnerability is due to improper implementation of access controls in the APIC system. An attacker could exploit this vulnerability by accessing the boot manager of the APIC. An exploit could allow the attacker to access the APIC as the root user and perform root-level commands in single-user mode.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: http://ift.tt/1JbXjjj

from Cisco Security Advisory http://ift.tt/1JbXjjj
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us